DDOS attack

[Rueby]

For ddos attacks the prices differ massively, and prices arent linear. The heavier the attack, the faster the price goes up. And especialy when they become very heavy, its exponential. The price betweeen the strongest attack and one at half of that is a diffirence of like 500x here. Maintaining large botnets is very expensive.

This is why IPS systems are problematic for ddos attacks long term. Initialy the ddos is cheaper than the defense, but once they scale up, pricing here is quite linear. As long as you can buy a server, you already require a ddos to be significantly stronger to compensate.

Also, if its detected which sources are known to be part, they can be blocked well ahead of the target. It only needs to pass through 1 of the datacenters that are part of a global system to avoid big ddos attacks, and suddenly your attack becomes crippled. And yes, large datacenters do these things because they otherwise would also risk hardware damage when a target is near one of their DCs.

This is really interesting! I only heard that it becomes/is expensive but I never imagined something like 500x! Using common sense, it does in a way make sense that maintaining a large amount of compromised devices can also be costly, to my not-tech-savvy brain, I'm guessing it's all about staying one step ahead is that it?

I guess if I had to break it down to my example, a small restaurant (not too many staff/resources) and a large restauranted (well staffed, plenty of resources)...The large one can probably handle the customer rush, but I imagine if this example could be parallel server upgrades, let's say your restaurant/game is functioning quite well as medium and you only expect a 'rush' during expansion releases. I can see why the decision to 'just buy more servers' just to counter DDoS may not be feasible for a business to make? I'm going into this with the assumption that 'just buying new servers' could be considered a waste I guess.

Is that true on the technical side? I'm kinda looking into it from a general business-y standpoint I guess.

I'd like to think if SE would have made some gametime compensations? (I'm personally indifferent, but I think it'd be a nice gesture), paused auto demo (for the time being maybe?), maybe extended the length of certain events, I'd like to think people would be happy? I think some good will might be gained from decisions like this. I don't blame SE for being attacked, it's a good thing that people WANT to play the game and with the expansion approaching I'd think people may be resubbing to catch up and/or prepare for DT.

Also ShB and EW just got a 60% off discount.... Lodestone Sauce for the PC/Mac version.

[Taliriah]

This is really interesting! I only heard that it becomes/is expensive but I never imagined something like 500x! Using common sense, it does in a way make sense that maintaining a large amount of compromised devices can also be costly, to my not-tech-savvy brain, I'm guessing it's all about staying one step ahead is that it?

I guess if I had to break it down to my example, a small restaurant (not too many staff/resources) and a large restauranted (well staffed, plenty of resources)...The large one can probably handle the customer rush, but I imagine if this example could be parallel server upgrades, let's say your restaurant/game is functioning quite well as medium and you only expect a 'rush' during expansion releases. I can see why the decision to 'just buy more servers' just to counter DDoS may not be feasible for a business to make? I'm going into this with the assumption that 'just buying new servers' could be considered a waste I guess.

Is that true on the technical side? I'm kinda looking into it from a general business-y standpoint I guess.

That's a flawed analogy for a ddos: the attackers aren't customers, they are just in the way. A better analogy would be: a bunch of people show up in your restaurant but are just standing around, not ordering anything. More staff wouldn't help, because the problem is all those non-customers hindering the staff. And you can't just kick them out, because you first have to talk with them to know if they're an actual customer or just here to be annoying.

[Rueby]

That's a flawed analogy for a ddos: the attackers aren't customers, they are just in the way. A better analogy would be: a bunch of people show up in your restaurant but are just standing around, not ordering anything. More staff wouldn't help, because the problem is all those non-customers hindering the staff. And you can't just kick them out, because you first have to talk with them to know if they're an actual customer or just here to be annoying.

Hmm I actually thought of them just standing around doing nothing but it felt like it didn't fit? I guess to me the making orders bit helped translate the overloaded servers and how the service is getting affected. But I think you're right in a way! If I imagine a restaurant that can serve let's say 40 people and has a capacity to fit 60 people. Then you suddenly had an influx of 300 people, standing around and disrupting the staff from serving the restaurant's actual customers. Hmm I think maybe that's a better analogy? Maybe?

Hmm I guess I equated the server resources to staff which made more sense to me? But now that I think of it I think your correction makes more sense. To me I'm guessing a combination of 'make the restaurant bigger, hire more chefs/staff' would make them slightly less affected but I think the best way is to stop these 'I'm gonna enter and chill' at the door. I guess this boils down to my limited understanding! Thank you so much for clarifying. It's a really interesting thing, but I'm not tech savvy at all so I need to kinda break things down for my unwrinkly brain.